CCE are now an accredited partner & re-seller of Tripwire, the leading provider of Security Configuration Management systems.

Tripwire Enterprise

Tripwire Enterprise is a security configuration management suite whose separate components work as stand-alone offerings or in a comprehensive, tightly integrated solution. It connects IT security to the businesses and missions it serves, protects systems by continually hardening their configurations, and detects the issues and changes that impact IT system integrity and cause exploits.

Tripwire Enterprise’s File Integrity Monitoring module detects the anomalies, unexpected changes, and deviations that indicate exploit attempts or threats across the industry’s broadest range of platforms, applications and devices. It assures integrity and maintains a “known and trusted” state for critical systems and the information they contain.

Tripwire Enterprise’s Policy Manager module helps customers meet the numerous security standards and regulations they face, from not only in-house security requirements but also governance regulations such as PCI, ISO, CIS and many more.

File Integrity Monitoring

There are five different endpoints that Tripwire Enterprise can monitor:

File systems, Windows, Linux or Unix OS

Databases, changes to schema and content

Directory services, LDAP, Active Directory etc

Virtual Infratructure, VMs, Hypervisors etc

Network devices, routers, switches firewalls

File Systems, File Integrity Monitoring
Tripwire Enterprise can monitor, in real-time, not only files under Windows, Linux and other supported operating systems but also additional focus points such as registries, Microsoft Exchange and Internet Information Server configurations. Tripwire also provide out-of-the-box recommended change audit rules to monitor things such as critical files and configurations.

Databases
Tripwire Enterprise not only monitors changes within the database itself, but can monitor changes to the structure of the database, known as the database schema.

Directory services
For example, Active Directory can monitor the changes within AD, help identify who added who to sensitive groups, eg: Domain Admins.

Virtual Infrastructures
Tripwire can monitor the configuration of the infrastructure, such as reconfiguration of virtual machines.

Network Devices
Through a command line interface, Tripwire Enterprise can connect to many different types of network devices, such as Firewalls, routers, and switches, pulling back information such as firewall rules, access control lists and configurations.

Third party integrations

Through the Tripwire Technology Alliance Program, there are a number of integrations that will provide additional functionality to Tripwire Enterprise. Threat Intelligence providers (e.g. Palo Alto, ThreatGrid, Lastline) Tripwire can detect a change on the endpoint, pass the file to a threat provider for analysis and then report information is passed back to Tripwire. Tripwire is able to integrate with Ticketing Systems (e.g ServiceNow, Remedy) to validate the change detected and verify if the change is considered a good or bad change. Tripwire is also able to integrate to 3rd Party SIEMs (e.g Splunk) and send change data out to the SIEM’s for correlation later. Tripwire currently has a couple of Splunk apps available today in the Splunk app store.

Automated Remediation of configuration:

Within Tripwire Enterprise, you are able to check and monitor the configuration of an application. If the configuration drifts in any way, we will detect the change and give you the opportunity to reverse the change back to the original setting. Helpful to get a system back to a known good state.

Policy Management:

One of the major features of Tripwire Enterprise is the policy management. Tripwire have over 700+ different policies available to customers, to freely download from the Tripwire Customer Centre and import into their Tripwire estate, such as PCI, CIS, ISO27001 etc. Once imported, there are a set of rules and tests that are ran against the endpoint to establish if they pass the relevant test or standard of choice. For example, there are a high number of requirements for PCI, and Tripwire Enterprise has developed tests for each of those requirements, such as checking the length of a password on a Windows Server or checking to see if administrator account is disabled. Dashboards and reports can also be created detailing which endpoints fail which tests. Tripwire Enterprise will then also provide you detailed remediation steps on how to get every specific endpoint version back in to a compliant state against the policy of choice.

Tripwire Apps:

There are a number of ‘plug-ins’ which can be also be acquired to help enhance the functionality of Tripwire Enterprise, for example, integration with current Ticketing systems; Whitelist profiling; Dynamic Software reconciliation, event sender etc. Having extremely rich API functionality provides our customers with an endless array of options when it comes to making sure Tripwire Enterprise fits well within their environment and processes.

To find out more on how Security Configuration Management planning can better protect your company, call Brad Yates on 0333 800 8800.

What our clients say:

The benefits that the CCE outsourcing arrangement provides are four-fold. Not only do we now have the predictability of expense, the ability to scale up or down in the face of change and the opportunity to more readily deliver to agreed service levels but we are now able to focus on other significant disciplines such as ITIL.

Professional Services, IT Director

Find out more

To learn more about how we can help you with :
• IT installation
• IT support & servicing
• Cloud Services
• Managed Print
Please call our team on 0333 800 8800.

Too busy to talk now? Leave your number and we’ll call you back.

Click here to expand our short call back form

Please complete all fields.

Name:
Company:
Telephone:
Best time to call:
Please check box, then click submit:

When you submit, you agree to being contact by CCE. For more information on how we collect and use your personal data, please read our Privacy policy (opens in new tab).